We performed a comparison between Cisco Secure Firewall and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. The only major difference between the two is that some users of Cisco Secure Firewall consider the deployment to be somewhat complex.
"The TAC is always very helpful. We pay for Tier 1 support, so we get whatever we need from them. They always give us a solution. If they can't give us an answer that day, they get back to us within at least 24 hours with a solution or fix. I have never had a problem with the TAC. I would rate them as 10 out of 10."
"Cisco has the best documentation. You can easily find multiple documents by searching the web. Even a child can go online and find the required information."
"The remote access, VPN, and ACL features are valuable. We are using role-based access for individuals."
"This solution helped us to identify the key areas where we need to focus to block traffic that is malicious to our organization."
"I like that Cisco Firepower NGFW Firewall is reliable. Support is also good."
"All the rules are secure and we haven't had a significant malware attack in the five years that we've been using ASA Firewall. It has been a tremendous improvement for our network. However, I can't quantify the benefits in monetary terms."
"One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now."
"I'm a big fan of SecureX, Cisco's platform for tying together all the different security tools. It has a lot of flexibility and even a lot of third-party or non-Cisco integration. I feel like that's a really valuable tool."
"A valuable feature involves the solution's manageability."
"We created and configured a VPN for connecting our remote sites and also to make it more secure and reliable. We also like its two-factor authentication features."
"Sophos began with a basic version and evolved into something more efficient in terms of performance."
"Dashboard is easy to use and the reporting offers a lot of detail."
"The multifactor authentication is helpful because whenever the user wants to connect to the firewall, they have to use the authenticator before they can access it."
"They really work scalability into the solution at the outset."
"The most valuable features of Sophos XG are user-friendliness and it is highly secure."
"It is very easy to configure and straightforward. The firewall rules are straightforward. It works great out of the box. It has been working as advertised, and I haven't had any issues with it."
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue."
"A feature that would allow me to load balance among multiple ISPs, especially since we have deployed it as a perimeter firewall, would be a great addition."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"They could improve by having more skilled, high-level engineers that are available around the clock. I know that's an easy thing to say and a hard thing to do."
"Maybe the dashboard could be a bit better."
"The only drawback of the user interface is when it comes to policies. When you open it and click on the policies, you have to move manually left and right if you want to see the whole field within the cell. Checkpoint has a very detailed user interface."
"An area for improvement is the graphical user interface. That is something that is coming up now. They could make the product more user-friendly. A better GUI is something that would make life much easier."
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."
"Everything is working as expected at this moment, but the anti-spam solution in Sophos XG needs to be improved. It needs more granular features and more stability. The anti-spam solution currently doesn't have many features, and we would like to have more features. At this moment, there is no expression filter for anti-spam. We need something to be able to filter subjects or attachments in emails based on the keyword. Sometimes, there is an issue with anti-spam, and Sophos XG suddenly stops processing incoming or outgoing emails. The only solution for this issue is to restart the appliance. Their support should be improved. It takes a long time to escalate a support case from level one to level two."
"The only area that requires improvement is scalability."
"The support service level agreement in regard to the amount of time needed to upgrade things is too low. It should be higher."
"There have been some issues when upgrading. For some reason, parts of the configuration become unconfigured, I then have to reconfigure it. I should not need to keep reconfiguring it after upgrades."
"When it comes to improvements that the vendor can make, we see that the cloud integration for managing all the firewalls is essentially a replacement of the on-prem version we had and is not sufficiently mature."
"Over the last six months, we have noticed that the hardware is slow, especially the VPN connections."
"The VPN features can be improved. Due to covid-19, we have a lot of employees that work from home and we need better VPN capabilities."
"The VPN device could be improved upon."
Cisco Secure Firewall is ranked 2nd in Firewalls with 91 reviews while Sophos XG is ranked 6th in Firewalls with 108 reviews. Cisco Secure Firewall is rated 8.2, while Sophos XG is rated 8.2. The top reviewer of Cisco Secure Firewall writes "The ability to implement dynamic policies for dynamic environments is important, given the fluidity in the world of security". On the other hand, the top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". Cisco Secure Firewall is most compared with Fortinet FortiGate, Meraki MX, Palo Alto Networks WildFire, pfSense and Azure Firewall, whereas Sophos XG is most compared with Fortinet FortiGate, pfSense, OPNsense, Palo Alto Networks NG Firewalls and WatchGuard Firebox. See our Cisco Secure Firewall vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
My preference is the Sophos XGS, particularly when you team it up with the Sophos Endpoint Protection client and configure it for synchronized security.
Both can be managed through Sophos Central and are available at a decent price for the power they offer the SMB.
I recommend Sophos XGS firewall. It will offer the best solution for malware protection.
Also, I recomend Sophos CIXA with XDR (Sophos Endpoint), so you can use Syncronized Security.